A large expertise and knowledge gap exists between infosec professionals and lawyers. On the one hand, infosec professionals may not want to prepare for the LSAT, invest $100,000+, and three years on a legal education (+ preparing and sitting for the bar). On the other hand, lawyers may not want to spend countless hours learning how to penetrate or defend a network or web application. What we are generally left with are technically ignorant lawyers who only understand the law and legally ignorant professionals who only understand infosec. The result of this gap creates a very narrow overlap of understanding between the two professions. This gap decreases understanding, collaboration, efficiency and effectiveness.
This is where I come in: I am a lawyer & I am an infosec professional.
My parents took me out of school when I was 13. I have a GED (passed at 16 years old), an A.A. (Seattle Central Community College), a B.A. (University of Washington), a J.D. (Seattle University School of Law), an MSc (University of Oxford), and an LL.M (UC Berkeley School of Law). I am a member of the New Hampshire Bar. New Hampshire is a Uniform Bar Examination State, so I can easily apply for licensure in twenty-one states.
Since I was 13, I wanted to be a hacker. I am a Certified Ethical Hacker (CEH) and certified Junior Penetration Tester. I am currently enrolled in Elearn Security’s Certified Professional Penetration Tester and Web Application Penetration Testing courses, both are 100% practical and highly respected Ethical Hacking and Penetration Testing Professional certifications. I am also a Certified Information Privacy Professional (CIPP/US). Originally launched in 2004 as the first professional certification ever offered in information privacy, the CIPP has become the preeminent credential in the field. I am also Comptia Security+ certified. Security+ is the certification globally trusted to validate foundational, vendor-neutral IT security knowledge and skills.
infosec.lawyer is the galvanization of my interest and experience in infosec, law, policy, and design.